author Patrick J Volkerding <volkerdi@slackware.com> 2023-01-04 02:18:08 +0000
committer Eric Hameleers <alien@slackware.com> 2023-01-04 04:38:00 +0100
commit b3409a9b21977b9f4fefca33acc594806343ec74 (patch)
tree f1cf20d343785bcb5b5b783d7d54c14b688fca06 /source/l/libtiff/patches/CVE-2022-34526.patch
parent 356066ad017188576ca968a0d3c2b42a1e77d120 (diff)
Wed Jan 4 02:18:08 UTC 2023 20230104021808
ap/lsof-4.96.5-x86_64-1.txz: Upgraded.
ap/sqlite-3.40.1-x86_64-1.txz: Upgraded.
kde/bluedevil-5.26.5-x86_64-1.txz: Upgraded.
kde/breeze-5.26.5-x86_64-1.txz: Upgraded.
kde/breeze-grub-5.26.5-x86_64-1.txz: Upgraded.
kde/breeze-gtk-5.26.5-x86_64-1.txz: Upgraded.
kde/digikam-7.9.0-x86_64-2.txz: Rebuilt.
  Recompiled against opencv-4.7.0.
kde/drkonqi-5.26.5-x86_64-1.txz: Upgraded.
kde/kactivitymanagerd-5.26.5-x86_64-1.txz: Upgraded.
kde/kde-cli-tools-5.26.5-x86_64-1.txz: Upgraded.
kde/kde-gtk-config-5.26.5-x86_64-1.txz: Upgraded.
kde/kdecoration-5.26.5-x86_64-1.txz: Upgraded.
kde/kdeplasma-addons-5.26.5-x86_64-1.txz: Upgraded.
kde/kgamma5-5.26.5-x86_64-1.txz: Upgraded.
kde/khotkeys-5.26.5-x86_64-1.txz: Upgraded.
kde/kinfocenter-5.26.5-x86_64-1.txz: Upgraded.
kde/kmenuedit-5.26.5-x86_64-1.txz: Upgraded.
kde/kpipewire-5.26.5-x86_64-1.txz: Upgraded.
kde/kscreen-5.26.5-x86_64-1.txz: Upgraded.
kde/kscreenlocker-5.26.5-x86_64-1.txz: Upgraded.
kde/ksshaskpass-5.26.5-x86_64-1.txz: Upgraded.
kde/ksystemstats-5.26.5-x86_64-1.txz: Upgraded.
kde/kwallet-pam-5.26.5-x86_64-1.txz: Upgraded.
kde/kwayland-integration-5.26.5-x86_64-1.txz: Upgraded.
kde/kwin-5.26.5-x86_64-1.txz: Upgraded.
kde/kwrited-5.26.5-x86_64-1.txz: Upgraded.
kde/layer-shell-qt-5.26.5-x86_64-1.txz: Upgraded.
kde/libkscreen-5.26.5-x86_64-1.txz: Upgraded.
kde/libksysguard-5.26.5-x86_64-1.txz: Upgraded.
kde/milou-5.26.5-x86_64-1.txz: Upgraded.
kde/oxygen-5.26.5-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-browser-integration-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-disks-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-firewall-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-integration-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-nm-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-pa-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-systemmonitor-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-vault-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.26.5-x86_64-1.txz: Upgraded.
kde/plasma-workspace-wallpapers-5.26.5-x86_64-1.txz: Upgraded.
kde/polkit-kde-agent-1-5.26.5-x86_64-1.txz: Upgraded.
kde/powerdevil-5.26.5-x86_64-1.txz: Upgraded.
kde/qqc2-breeze-style-5.26.5-x86_64-1.txz: Upgraded.
kde/sddm-kcm-5.26.5-x86_64-1.txz: Upgraded.
kde/systemsettings-5.26.5-x86_64-1.txz: Upgraded.
kde/xdg-desktop-portal-kde-5.26.5-x86_64-1.txz: Upgraded.
l/SDL2-2.26.2-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.20.5-x86_64-2.txz: Rebuilt.
  Recompiled against opencv-4.7.0.
l/imagemagick-7.1.0_57-x86_64-1.txz: Upgraded.
l/libpcap-1.10.2-x86_64-1.txz: Upgraded.
l/libpsl-0.21.2-x86_64-1.txz: Upgraded.
l/librevenge-0.0.5-x86_64-1.txz: Upgraded.
l/libsndfile-1.2.0-x86_64-1.txz: Upgraded.
l/libtiff-4.4.0-x86_64-2.txz: Rebuilt.
  Patched various security bugs.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-2056
    https://www.cve.org/CVERecord?id=CVE-2022-2057
    https://www.cve.org/CVERecord?id=CVE-2022-2058
    https://www.cve.org/CVERecord?id=CVE-2022-3970
    https://www.cve.org/CVERecord?id=CVE-2022-34526
  (* Security fix *)
l/netpbm-11.01.00-x86_64-1.txz: Upgraded.
l/opencv-4.7.0-x86_64-1.txz: Upgraded.
  Shared library .so-version bump.
l/poppler-23.01.0-x86_64-1.txz: Upgraded.
n/getmail-6.18.11-x86_64-1.txz: Upgraded.
n/tcpdump-4.99.2-x86_64-1.txz: Upgraded.
n/whois-5.5.15-x86_64-1.txz: Upgraded.
  Updated the .bd, .nz and .tv TLD servers.
  Added the .llyw.cymru, .gov.scot and .gov.wales SLD servers.
  Updated the .ac.uk and .gov.uk SLD servers.
  Recursion has been enabled for whois.nic.tv.
  Updated the list of new gTLDs with four generic TLDs assigned in October 2013 which were missing due to a bug.
  Removed 4 new gTLDs which are no longer active.
  Added the Georgian translation, contributed by Temuri Doghonadze.
  Updated the Finnish translation, contributed by Lauri Nurmi.
xap/pidgin-2.14.12-x86_64-1.txz: Upgraded.
xap/rxvt-unicode-9.26-x86_64-4.txz: Rebuilt.
  When the "background" extension was loaded, an attacker able to control the data written to the terminal would be able to execute arbitrary code as the terminal's user.
  Thanks to David Leadbeater and Ben Collver.
  For more information, see:
    https://www.openwall.com/lists/oss-security/2022/12/05/1
    https://www.cve.org/CVERecord?id=CVE-2022-4170
  (* Security fix *)
Diffstat (limited to 'source/l/libtiff/patches/CVE-2022-34526.patch')
-rw-r--r-- source/l/libtiff/patches/CVE-2022-34526.patch 28
1 files changed, 28 insertions, 0 deletions
diff --git a/source/l/libtiff/patches/CVE-2022-34526.patch b/source/l/libtiff/patches/CVE-2022-34526.patch
new file mode 100644
index 000000000..cb3a4d3c7
--- /dev/null
+++ b/source/l/libtiff/patches/CVE-2022-34526.patch
@@ -0,0 +1,28 @@
+From 275735d0354e39c0ac1dc3c0db2120d6f31d1990 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Mon, 27 Jun 2022 16:09:43 +0200
+Subject: [PATCH] _TIFFCheckFieldIsValidForCodec(): return FALSE when passed a
+ codec-specific tag and the codec is not configured (fixes #433)
+
+This avoids crashes when querying such tags
+---
+ libtiff/tif_dirinfo.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/libtiff/tif_dirinfo.c b/libtiff/tif_dirinfo.c
+index c30f569b..3371cb5c 100644
+--- a/libtiff/tif_dirinfo.c
++++ b/libtiff/tif_dirinfo.c
+@@ -1191,6 +1191,9 @@ _TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag)
+ default:
+ return 1;
+ }
++ if( !TIFFIsCODECConfigured(tif->tif_dir.td_compression) ) {
++ return 0;
++ }
+ /* Check if codec specific tags are allowed for the current
+ * compression scheme (codec) */
+ switch (tif->tif_dir.td_compression) {
+--
+GitLab
+
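Review bot: The guard added ahead of the second switch in _TIFFCheckFieldIsValidForCodec(), `if( !TIFFIsCODECConfigured(tif->tif_dir.td_compression) )`, carries no comment and no test, and the embedded commit message only says it "avoids crashes when querying such tags". The existing comment "Check if codec specific tags are allowed for the current compression scheme (codec)" now sits below an unexplained early return, so a one-line comment above the new check stating that codec-specific tags are rejected when the file's compression codec is not built in would make the ordering clear. A regression case for issue #433, querying a codec-specific tag on a file whose codec is not configured and expecting a failure return rather than a crash, would pin the behaviour. Callers that ignored the return value because the lookup previously succeeded will now see it fail for these tags, which is worth a line in the message. On the packaging side, the diffstat shown here is limited to the new patch file, so confirm separately that the libtiff build script in the same commit actually applies it.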